Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.

i have install in a same IBM SERVER DNS,WEB(Apache),MAIL(Sendmail)in redhat enterprise 3 es but my firewall is very weak can anyone send me some firewall(iptables or ipchain) for my dns,web & mail server?Fahad

Hi Fahad... you'll need to provide a little more information.
What network interfaces are there?
Is the box directly internet facing or is there a f/w?
Do you need any shell access configured?
Do you use SSL on your webserver?
Is your DNS internal only?

Hi Fahad... you'll need to provide a little more information.
What network interfaces are there?
Is the box directly internet facing or is there a f/w?
Do you need any shell access configured?
Do you use SSL on your webserver?
Is your DNS internal only?

the infomations are:-
1.there is only one interface with isp.
2.there linux biuld in f/w.
3.yes there is shell/ssh access configure.
4.no there is no ssl on web server.
5.there are 2 dsn(primary & secondary)from the isp and also i hav configure NS for web & mail in same IBM server.

I doubt they're going through port 80 anyhow, so you'd be better off just blocking whatever domain they authenticate through in iptables.
Just drop everything with either a source of destination of the particular domain. If you use wireshark on your proxy, you can watch the authentication handshake in progress and take note of the domains.

If i run with nowonmai's script and modify it the way I read it......
-I made the following changes because it sounds like you are running External Facing DNS
-You dont want to spam the logs and create a D.O.S
-You can't have -o lo on the INPUT chain (probably a typo)
-Blocked MSN and AOL (Only if we are the gateway / But we aren't because we havent written any NAT'ing rules, so the last 2 lines are probably useless anyway)
-Set the variable $IPT

Anyway there are a million different ways to do things, this is just two of them.